A great effect of spending a day in the same room with 20 or so more geeking inclined others, is you get a lot of examples, tools and services mentioned. And geek is as geek does, I try them out on the spot. Today this helped me become aware that something is wrong on my server with the OAuth authentication I run. I thought that it was working fine, as it is no problem to actually use it, for instance to log in with my own domain name at the IndieWeb wiki. But when interacting with my micropublishing endpoint not all goes well.

Today I noticed that:

  • When I try to post from Micropublish.net, I can log in at micropublish.net, but when I try to post I get an ‘unauthorized’ error
  • When I try to use the Omnibear Firefox add-on it authorises ok, but then endlessly tries to load the list of syndication targets
  • When I use Quill to post, it posts fine, but does not load the list of syndication targets

Those missing syndication targets (now that I understand what they are from todays sessions) was what first caught my eye. Testing the micropublish endpoint on my server myself I got the correct response, but Quill turned out to get ‘unauthorized’ as response for that request, just like micropublish.net got for posting.

The endpoint gives a correct response

In WordPress my IndieAuth plugin has a diagnostic tool, and running that, it turns out an authorisation header is not send out.

Which seems to be causing the problems. Reading in the links provided it seems like with XML-RPC, my hoster is actively blocking that header. [UPDATE: It is not, it’s just not available in the way the server currently runs PHP] Resulting in exactly the same experience as I had with XML-RPC, that it seems to be only half working (namely the ‘safe’ uses work, while the rest fails). There’s a work around, renaming the headers that get send out, and implementing that work-around is a thing for me to do tomorrow. To see if I can get around being unauthorised. [UPDATE: That workaround did not work until now]

8 reactions on “Unauthorized!

  1. It’s day 2 of the IndieWeb Camp in Nürnberg, which means it’s coding day. There are a few things on my list before I board a train at three thirty back home. None of them are as advanced or grand as the list I made earlier. I learned a lot yesterday, in terms of understanding what happens where when I use indieweb protocols, so I can now see the different layers of the lasagna more clearly.
    So for today the plan is:

    Remove a uid h-card microformat statement from my site template as it is declared multiple times instead of just once
    Try and fix the authorisation header issue with IndieAuth
    Work on how Webmentions are presented in this Sempress theme, which I now know is a theming issue, and not a webmention issue

  2. Last weekend during the Berlin IndieWeb Camp, Aaron Parecki gave a brief overview of where he/we is/are concerning the ‘social reader’. This is of interest to me because since ever I have been reading RSS, I’m doing by hand what he described doing more automatically.
    These are some notes I made watching the live stream of the event.
    Compared to the algorithmic timelines of FB, Twitter and Instagram, that show you what they decide to show you, the Social Reader is about taking control: follow the things you want, in the order that you want.
    RSS readers were and are like that. But RSS reading never went past linear reading of all the posts from all your feeds in reverse chronological order. No playing around with how these feeds are presented to you. And no possibility to from within the reader take actions based on the things you read (sharing, posting, bookmarking, flagging, storing etc.): there are not action buttons on your feedreader, other than mark as unread or archive.
    In the IndieWeb world, publishing works well Aaron said, but reading has been an issue (at least if it goes beyond reading a blog and commenting).
    That’s why he built Monocle, and Aperture. Aperture takes all kinds of feeds, RSS, JSON, Twitter, and even scripts pushing material to it. These are grouped in channels. Monocle is a reader on top of that, where he presents those channels in a nice way. Then he added action buttons to it. Like reply etc. Those actions you initiate directly in the reader, and always post to your own site. The other already existing IndieWeb building blocks then send it to the original source of the item you’re responding to. See Aaron’s posting from last March with screenshots “Building an IndieWeb Reader“, to get a feeling for how it all looks in practice.
    The power of this set-up is that it separates the layers, of how you collect material, how work on that material, and how you present content. It looked great when Aaron demo’d it when I met him at IWC Nürnberg two weeks earlier.
    For me, part of the actions I’d like to take are definitely outside the scope of my own website, or at the very least outside the public part of my website. See what I wrote about my ideal feed reader. Part of automation of actions I’d want to point to different workflows on my own laptop for instance. To feed into desk research, material for client updates, and things like that.
    I’m interested in running things like Aperture and Monocle locally, but a first step is exploring them in the way Aaron provides them to test drive. Aperture works fine. But I can’t yet get Monocle to work for me. This is I guess the same issue I ran into two weeks ago with how my site doesn’t support sending authorisation headers.

  3. It seems I can now indeed post to my site from Quill and use the syndication list, having solved the header authorization issues I had from running php as fastcgi.
    [UPDATE: indeed, testing the IndieAuth plugin, now gives positive results, as opposed to when I tried to do this at IndieWebCamp last fall.

    /UPDATE]

  4. For 2019’s Q1 I want to do a ‘weekly hack’. There are many small odd jobs around the house, on my computer, our network, or in my workflows. They often are in my todo lists, but never get done, simply because they never have any urgency attached to them and so the rest of my life goes first. Yet they often do hinder me, and keep nagging to be resolved. Either that or they are the small wished for fixes (I really should have a page for X / I really should make a template for Y).
    So 12 ‘hacks’, fixes or odd jobs in Q1 2019 it is. If it becomes a habit after that it will mean doing some 4 dozen small things to make life easier per year. That’s a lot of things done incrementally over time. A first braindump gave me some 20 things to choose from (and the one I ended up doing first wasn’t even on that original list, but came to me later ).

    19#01 Create and use a template for the first read through and note taking of a non-fiction book.I made it in Tinderbox, which is an outliner plus mapping tool by Mark Bernstein. The template is mostly based on this WikiHow page on reading non-fiction, with some added questions (e.g. concerning assumptions made by the author)(the template in map and in outline view). For each book I copy that template. Each element in the outline/map is also a note which can have text, images etc. Tinderbox then lets you export the whole thing as a document, in this case the summary of my reading notes of a book. Which can then be blogged or published in other ways. [Category: workflow, habits]

    19#02 Do an edit in Open Street Map. For a long time open data consultant and activist, I actually do very little with data. My focus is on helping government entities change, so that their data becomes available routinely and at high quality. So, while Open Street Map (OSM) is a re-users of large amounts of Dutch open government data I never actually edited something in it. Peter’s suggestion this week triggered me to change that. [Category: learning]

    19#03 Export notes from presentation deck. I regularly give presentations, and use the speaker notes to write out the story and to present. Writing up the presentation story afterwards I used to copy by hand the presenter notes to my text editor and then turn it into a blogpost. This is however time consuming (copy and pasting text from each slide). To make that easier I searched for an applescript online and adapted it to my use. Now copying the notes to the clipboard is just one click, and then it is stored in my ClipMenu tool to past into whatever editor or word processor I want to use it in. Available from github.

    19#04 Add an ‘on this day’ function. To show blogposts from earlier years on the current day. Added and fixed a plugin, that provides a shortcode.

    19#05 Automatically transform bank journal entries into procurement journal entries Made an Applescript that takes the bank journal entries from my double entry book keeping system as csv, and then for the entries that are marked as procurement, creates the correct entry for the procurement journal. Output is in CSV again, which I can directly import into my book keeping system. Script published on github

    19#06 I redid my changes to the Semantic Backlinks plugin to display webmentions differently on my site. After an update my earlier changes had been overwritten. So following my own earlier documentation, I fixed it again.

    19#07 Fixed the authorization header issue on my site. This was keeping me from using microsub and micropub applications to post to my site. Having tried various things suggested online, in the end the Drupal fora provided the right answer. Adding RewriteRule .* – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] to htaccess solved the issue

Comments are closed.